Description
Location
- File Path - src/py_bugger/cli/cli_utils.py
- Line Number - 182 - 192
Description of the Issue
git_dir comes from user input via --target-dir. No validation before using in subprocess.
Categorization
- Type - Security Vulnerability
- Severity -Critical
Steps to Reproduce
- Run py-bugger with --target-dir "../../etc"
- Path traversal possible
Proposed Fix
Validate that target_dir is within expected project root before using.
Description
Location
Description of the Issue
git_dir comes from user input via --target-dir. No validation before using in subprocess.
Categorization
Steps to Reproduce
Proposed Fix
Validate that target_dir is within expected project root before using.